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CLAIMS: 

L A method of storing a data set on a storage device •carrying a file of 
random data comprising the steps of: 

selecting, in dependence on a user input passphrase, a first location within the 
S file of random data for storing a file index; 

selecting a second location within the file of random data for storing the data 
set; 

enciypting the data set; 

storing the encrypted data set at the second selected location in the file of 
10 random data; 

making an entry in the file index in respect of the data set, the entry 
comprising an indication of the second selected location; 
encrypting the file index; and 

storing the encrypted file index at the first selected location in the file of 
IS random data. 

2. A method of operating a computer to store a data set on a storage 
device carrying a file of random data, the method comprising the steps of: 
selecting, in dependence on a user input passphrase, a first location within the 
20 file of random data for a file index; 

selecting a second location within the file of random data for storing the data 
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set; 

encrypting the data set; 

storing the encrypted data set at the second selected location in the file of 
random data; 

5 making an entry in the file index in respect of the data set, the entry 
comprising an indication of the second selected location; 
encrypting the file index; and 

storing the encrypted file index at the first selected location in the file of 
random data. 

10 

3. A method according to claim 1 or claim 2 in which the step of selecting 
the first location for storing the file index comprises the step of selecting the 
first location as a start point of the file index. 

15 4. A method according to any one of claims 1 to 3 in which the encrypted 
file index is stored directly at the first location. 

5. A method according to any one of claims 1 to 3 in which the file index 
is stored at the first location in the file of random data by processing the 
20 random data using the encrypted file index. 
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6. A method according to any one of claims 1 to S in which the encrypted 
data is stored directly at the second location. 

7. A method according to any one of claims 1 to 5 in which the data set is 
5 stored at the second selected location in the file of random data by processing 

the random data using the encrypted data set. 

8. A method according to any preceding claim which comprises the step of 
using the user input passphrase for generating a key for encrypting the file 

10 index. 

9. A method according to any preceding claim in which the passphrase is 
used for generating a key for encrypting the data set. 

IS 10. A method according to any preceding claim in which the passphrase is 
used in selecting the second location. 

11. A method according to any preceding claim in which one of, or any 
combination of, the first location, the second location, the key for the file index 
20 and the key for the data set is/are determined by using at least one hash 
function to operate on the user input passphrase. 
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12. A method according to any preceding claim in which the passphrase is 
operated on once to produce an output which is used for determining at least 
two of the first location, the second location, the key for the file index and the 
key for the data set. 

5 

13. A method according to any preceding claim in which the passphrase is 
operated on a plurality of times, each operation generating an output for use in 
determining one of or a combination of the first location, the second location, 
the key for the file index and the key for the data set. 

10 

14. A method according to any preceding claim in which the same key is 
used for encrypting the set of data as is used for encrypting the file index. 

15. A method according to any preceding claim which comprises (he step of 
15 storing further sets of data using the same passphrase. 

16. A method according to claim 15 which is such that a respective location 
for each data set is selected, each data set is encrypted and stored at the 
respective location, and respective entries are added to the file index. 

20 

17. A method according to any preceding claim, comprising the step of 
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Storing further file indexes within the file of random data, each of which 
indexes is associated with a respective passphrase and each of which indexes is 
encrypted and is stored at a location selected in dependence on the respective 
passphrase. 

5 

18. A method according to claim 17 in which respective encryption keys are 
generated from the respective passphrases and these respective keys are used 
for encrypting data sets which are associated with each file index. 

10 19. A method according to claim 17 or claim 18 comprising the step of 

selecting the passphrase for, and hence location for, an additional file index in 
the knowledge of all of the existing passphrases corresponding to file indexes 
already stored in the file of random data such that collisions may be avoided. 

15 20. A method according to any one of claims 17 to 19, in which, where 
theie are a plurality of file indexes stored in the file of random data, the 
method comprises the step of selecting a location for an additional data set in 
the knowledge of all of the existing passphrases corresponding to file indexes 
already stored in the file of random data such that collisions may be avoided. 

20 

21. A method according to any one of claims 17 to 20 -comprising the step 
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of Storing additional data sets using a passphrase whilst in ignorance of one or 
more other existing passphrase. 

22. A method according to any one of claims 17 to 21 comprising the step 
5 of storing data sets in a predetermined relationship to the respective file index 

to help prevent collisions, for example data sets may be stored adjacent to the 
respective file index, data sets. may be stored substantially contiguously to the 
respective file index, and data sets may be stored at locations close to but after 
the respective file index. 

10 

23. A method according to any preceding claim comprising the step of 
storing data on a storage device carrying a plurality of files of random data. 

24. A method according to any preceding claim in which the or each file 
IS index comprises a message authentication code. 

25. A method according to claim 24 in which the file index comprises a 
message authentication code of all associated data sets so as to facilitate the 
detection of tampering. 

20 

26. A method according to claim 24 or 25 in which the file index 
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comprises a message authentication code of the whole of the file of random 
data for use in detecting other usage of the file. 



27. A method according to any preceding claim comprising the step of 
5 pre-processing the data set prior to encryption. 

28. A method according to any preceding claim comprising the step of 
presenting a user with an indication of the location within the file of random 
data that will be selected for the file index when using a predetermined 

10 passphrase. 



29. A method according to claim 28 comprising the step of accepting user 
entered trial passphrases and providing the user with an indication of the 
location within the file of random data that will be selected for the file index 

IS for each trial passphrase. 

30. A method according to claim 28 or claim 29 comprising the further step 
of providing to the user an indication of the regions of the file of random data 
that are already occupied by file indexes having passphrases that have been 

20 supplied by the user. 
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31. A method according to any preceding claim comprising the step of 
receiving an indication from a user of a location within the file of random data 
which the user desires to use for a file index. 

5 32. A method according to claim 31 comprising the step of suggesting 

possible passphrases to a user in response to a user indicating a location within 
the file of random data which the user desires to use for a file index. 

33. A method according to claim 31 or 32 comprising the steps of receiving 
10 a user input passphrase and suggesting a modified passphrase. 

34. A method accoiding to claim 33 in which the modification of the 
passphrase is selected so as to move the location at which the associated index 
would be stored towards a desired location indicated by the user and/or so as to 

15 strengthen the passphrase. 

35. A method according to any preceding claim comprising the step of 
deleting a data set stored on a storage device. 

20 36. A method according to claim 35 comprising the step of removing the 
respective entry from the file index. 
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37. A method according to claim 36 in which the deleting step comprises 
the step of overwriting the data set with random data as well as removing the 
entry from the file index. 

5 38. A method according to any one of claims 35 to 37 comprising the step 
of reorganising data stored in association with a file index when one or more 
data set referenced in that file index is deleted. 

39. A method according to claim 37 in which the overwriting step 

10 comprises the step of using the random data and/or encrypted data stored in the 
file of random data for generating pseudo-random data for overwriting deleted 
files. 

40. A method according to claim 39 in which the method comprises the 
15 step of using random numbers from the file of random data that would be 

overwritten when adding a data set to replace any pseudo-random values 
previously used elsewhere within the file of random data. 

41. A storage device carrying a file of random data in which file of random 
20 data is stored a file index and a data set, wherein the file index is encrypted 

and is stored at a first location determined by a passphrase, the data set is 
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encrypted and is stored at a second location and the file index comprises an 
entry in respect of the data set, the entry comprising an indication of the second 
location. 

5 42. A storage device according to claim 41 carrying software for use in the 
storing and extraction of data sets in the random data. 

43. A storage device according to claim 41 or 42 in which the passphrase 
has been used to generate a key for encrypting the file index and/or for 

10 encrypting the data set. 

44. A storage device according to any one of claims 41 to 43 in which the 
software carried by the storage device is arranged such that when loaded and 
run by a computer, the computer is caused to carry out any one of, or any 

15 combination of, the following steps: 

accepting passphrases, generating corresponding keys, and determining 

respective locations for storage of file indexes; 

encrypting file indexes; 

encrypting data sets; 
20 storing file indexes; 

selecting locations for data sets; 
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Storing data sets; 

accepting passphrases and locating and decrypting respective file indexes; 
locating and deciypting data sets; 
retrieving data sets. 

45. A storage device according to any one of claims 41 to 44 which further 
carries a conventional file allocation table. 



10 46. A storage device according to any one of claims 41 to 45 which 
comprises a portion of Read Only Memory (ROM). 

47. A storage device according to claim 45 which comprises a ROM portion 
that carries the file allocation table, the software and an operating system 
IS header file for the file of random data. 



48. The storage device according to any one of claims 41 to 47 which is a 
removable storage device. 

20 49. A storage device according to any one of claims 41 to 48 having a 
unique serial number. 



wo 2005/078987 



PCT/GB2005/000309 



62 

50. A storage device according to any one of claims 41 to 49 which carries 
a unique hard coded identifier which is used in the encryption and/or 
decryption process. 

5 51. A storage device according to any one of claims 41 to 50 which is sold 
with a pretext for at least one use. 

52. A computer arranged under the control of software for storing a data set 
on a storage device carrying a file of random data using the steps of: 
10 selecting, in dependence on a user input passphrase, a first location within the 
file of random data for the storing a file index; 

selecting a second location within the file of random data for storing the data 
set; 

encrypting the data set; 
15 storing the encrypted data set at the second selected location in the file of 
random data; 

making an entry in the file index in respect of the data set, the entry 
comprising an indication of the second selected location; 
encrypting the file index; and 
20 storing the encrypted file index at the first selected location in the file of 
random data. 
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53. A computer according to claim 52 which is arranged under the control 
of software to present a user with an indication of the location within the file of 
random data that will be selected for storing the file index when using a 
predetermined passphrase. 

5 

54. A computer according to claim 52 or 53 which is arranged under the 
control of software to accept user entered trial passphrases and provide the user 
with an indication of the location within the file of random data that will be 
selected for storing the file index for each trial passphrase. 

10 

55. A computer according to claim 52, 53 or 54 which is arranged under the 
control of software to provide the user an indication of the regions of the file of 
random data that are already occupied by file indexes having passphrases that 
have been supplied by the user. 

15 

56. A computer according to any one of claims 52 to 55 which is arranged 
under the control of software to suggest possible passphrases to a user in 
response to a user indicating a location within the file of random data which 
the user desires to use for storing a file index. 

20 

57. A computer according to any one of claims 53 to 56 which is arranged 
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under the control of software to present a user interface for displaying the 
indications. 

58. A computer according to claim 57 in which the user interface is 

5 arranged so that a user can use a pointing device to indicate the location within 
the file of random data which the user desires to use for storing a file index. 

59. A method of extracting a data set stored on a storage device according 
to any one of claims 41 to 51, the method of extracting data comprising the 

10 steps of: 

accepting a user input passphrase; 

determining the location for a file index indicated by the passphrase; 
decrypting the file index; 

identifying the location of the requested data set from the file index; and 
15 decrypting the data set. 

60. A computer arranged under the control of software to extract data using 
a method according to claim 59. 

20 61. A method of storing a data set on a storage device carrying a file of 
random data comprising the steps of: 
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selecting, in dependence on a user input passphrase, a first location within the 
file of random data for storing a file index; 

selecting a second location within the file of random data for storing the data 
set; 

5 encrypting the data set; 

storing the data set at the second selected location in the file of random data; 
making an entry in the file index in respect of the data set, the entry 
comprising a indication of the second selected location; 
encrypting the file index; and 

10 storing the file index at the first selected location in the file of random data, 
wherein the method comprises the further steps, prior to finalising the user 
input passphrase, of accepting at least one user entered trial passphrase and 
providing the user with an indication of the location within the file of random 
data that will be selected for the file index associated with the at least one user 

IS entered trial passphrase. 

62. A computer program comprising code portions which when loaded and 
run on a computer cause the computer to carry out a method according to any 
one of claims 1 to 40, 59 and 60. 

20 

63. A computer readable data carrier, such as a signal or a storage device. 
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for example a DVD*Rom, a CD-Rom, a USB Memory Stick, a hard disk and 
so on, carrying a computer program according to claim 62. 



